This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/WgjKRpOnjCMvkqMH2Xc1Giha4-0.roa
File:                     WgjKRpOnjCMvkqMH2Xc1Giha4-0.roa (raw, json)
Hash identifier:          S2kWwA6aGeOZyzQXvlVjpKcQYAX1hP+Ev5foI5xnBKY=
Subject key identifier:   5A:08:CA:46:93:A7:8C:23:2F:92:A3:07:D9:77:35:1A:28:5A:E3:ED
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       019B797EBDAACD08F6A4F876FDEB1F498E54
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/WgjKRpOnjCMvkqMH2Xc1Giha4-0.roa
Signing time:             Thu 01 Jan 2026 12:18:27 +0000
ROA not before:           Thu 01 Jan 2026 12:18:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     214613
IP address blocks:        2a0e:aa06:540::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 Jan 2026 14:32:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:bd:aa:cd:08:f6:a4:f8:76:fd:eb:1f:49:8e:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Jan  1 12:18:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5a08ca4693a78c232f92a307d977351a285ae3ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:1f:36:d6:50:35:69:d2:51:40:8a:bd:48:2b:
                    eb:9b:db:57:32:81:26:27:62:41:65:c4:4f:f2:8e:
                    9b:a5:c4:c7:f1:78:f4:d0:8c:59:ea:8c:bb:7a:dc:
                    76:3d:db:26:89:69:a6:e4:71:49:dc:fd:2c:af:88:
                    1d:1d:3d:84:6a:ad:64:1d:f6:59:24:5b:a0:e5:79:
                    d1:54:dc:9a:75:c0:24:f7:81:b2:5a:f2:96:fb:04:
                    14:18:06:9d:0e:aa:57:c9:7a:ab:27:b8:8c:73:b6:
                    f9:ad:6b:a4:98:ae:0c:46:ee:be:e6:5c:18:07:76:
                    bc:8f:df:56:eb:96:08:33:7e:85:76:0f:a9:9e:53:
                    56:87:57:ed:64:c4:82:d9:5d:41:06:c9:6e:ba:e4:
                    e2:3c:8f:4e:a4:cf:64:f9:30:ea:52:b6:b8:07:68:
                    5d:3e:98:17:96:7c:0e:3f:77:e8:44:ca:46:dc:f5:
                    ce:09:52:f5:d5:29:11:a5:bb:90:66:f7:c4:b5:85:
                    3e:01:01:0f:d3:34:73:9a:e9:9e:48:c7:08:89:b5:
                    af:84:c4:47:53:e4:7a:c4:8f:0a:b3:c6:bf:9a:1a:
                    2f:a5:e7:06:2f:c9:ce:64:78:2d:46:61:64:36:70:
                    1b:36:90:8d:f6:04:53:74:7e:f5:27:bb:79:4f:1e:
                    fc:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:08:CA:46:93:A7:8C:23:2F:92:A3:07:D9:77:35:1A:28:5A:E3:ED
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/WgjKRpOnjCMvkqMH2Xc1Giha4-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:aa06:540::/44

    Signature Algorithm: sha256WithRSAEncryption
         c5:cd:87:fb:0b:25:01:55:b4:98:5d:b0:1e:c8:d0:eb:5f:0a:
         9a:29:ba:b5:3c:c9:87:d0:f1:16:45:2a:54:42:67:28:68:28:
         b2:5d:2d:7c:ad:36:34:7b:6a:43:35:32:52:ad:39:25:73:d0:
         1a:63:2d:d0:b5:f9:9a:79:85:74:58:c3:c8:9e:14:55:c6:51:
         4e:b6:c1:ae:6f:75:64:9f:8c:b3:71:03:dc:d5:e9:8d:a4:c4:
         b1:1e:96:eb:c1:77:6b:97:87:8d:c9:fd:0e:c2:05:49:a9:7e:
         78:0b:06:2a:e3:76:bd:51:36:3a:11:1c:4a:12:ab:bf:d3:53:
         10:a8:49:a3:37:8c:0b:52:73:3a:85:ab:14:78:10:7b:cb:ab:
         85:e3:18:75:06:43:63:d1:e0:36:a7:77:fc:53:54:87:07:59:
         62:2d:ea:8d:7b:21:f7:85:9d:85:4b:1e:da:1c:90:60:59:fb:
         e4:f6:56:ed:8e:d0:3f:48:9a:47:70:fb:f4:d5:c5:13:52:6d:
         3c:3b:52:b1:a0:9e:b0:96:02:9b:8b:9d:3f:d8:cc:1b:4c:97:
         4c:80:79:84:1c:d9:0f:29:47:e6:5d:b5:e4:46:7b:e9:76:0a:
         5e:fe:ab:c8:f4:a2:bf:a4:36:f2:6b:a7:a2:59:3e:f2:9f:9e:
         a3:08:54:51
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZt5fr2qzQj2pPh2/esfSY5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjYwMTAxMTIxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTA4Y2E0NjkzYTc4YzIzMmY5MmEzMDdkOTc3MzUxYTI4NWFlM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR821lA1adJRQIq9SCvrm9tXMoEm
J2JBZcRP8o6bpcTH8Xj00IxZ6oy7etx2PdsmiWmm5HFJ3P0sr4gdHT2Eaq1kHfZZ
JFug5XnRVNyadcAk94GyWvKW+wQUGAadDqpXyXqrJ7iMc7b5rWukmK4MRu6+5lwY
B3a8j99W65YIM36Fdg+pnlNWh1ftZMSC2V1BBsluuuTiPI9OpM9k+TDqUra4B2hd
PpgXlnwOP3foRMpG3PXOCVL11SkRpbuQZvfEtYU+AQEP0zRzmumeSMcIibWvhMRH
U+R6xI8Ks8a/mhovpecGL8nOZHgtRmFkNnAbNpCN9gRTdH71J7t5Tx78jwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFoIykaTp4wjL5KjB9l3NRooWuPtMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvV2dqS1JwT25qQ012a3FNSDJYYzFHaWhhNC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qBgVA
MA0GCSqGSIb3DQEBCwUAA4IBAQDFzYf7CyUBVbSYXbAeyNDrXwqaKbq1PMmH0PEW
RSpUQmcoaCiyXS18rTY0e2pDNTJSrTklc9AaYy3QtfmaeYV0WMPInhRVxlFOtsGu
b3Vkn4yzcQPc1emNpMSxHpbrwXdrl4eNyf0OwgVJqX54CwYq43a9UTY6ERxKEqu/
01MQqEmjN4wLUnM6hasUeBB7y6uF4xh1BkNj0eA2p3f8U1SHB1liLeqNeyH3hZ2F
Sx7aHJBgWfvk9lbtjtA/SJpHcPv01cUTUm08O1KxoJ6wlgKbi50/2MwbTJdMgHmE
HNkPKUfmXbXkRnvpdgpe/qvI9KK/pDbya6eiWT7yn56jCFRR
-----END CERTIFICATE-----